Categories

• Announcements

  Announcements regarding our community

  Release
  91
  Topics
  138
  Posts

  A

  Hey, are you interested in learning more about JSON Web Tokens and how to protect your APIs with them?

  Join my talk hosted by the great peeps at Gun.io!

  https://www.meetup.com/gundotio/events/302264818/

• General Discussion

  Connect with other community members to discuss CIAM, architecture, app development, and more.

  556
  Topics
  1.8k
  Posts

  E

  @mark-robustelli No worries, we do have a working setup now after a slew of theme tweaks. That said there is still an outstanding question and a possible bug (both low priority).

  The question: What happened to the ability to complete an oauth authentication flow by POSTing a code to /oauth2/passwordless? That worked in 1.48.3 but not in 1.55.1.

  The potential bug: Why does a GET call to /oauth2/passwordless/<invalid code> redirect the user to the browser confirmation page (even when the request is from the same browser) instead of an invalid code page?

• Comments & Feedback

  Share your tips and feedback with FusionAuth and the FusionAuth community.

  86
  Topics
  283
  Posts

  M

  @maciej-wisniowski Looks like you are getting some traction on the issue. Thanks for taking the time to work through this and submit the issue to make FusionAuth better.

• Q&A

  You've got questions? We've got answers.

  1.6k
  Topics
  4.9k
  Posts

  J

  @mark-robustelli

  This is the error shown in the url after oauth2/authorize redirects to redirect_uri:

  ?error=invalid_request&error_reason=missing_response_type&error_description=The+request+is+missing+a+required+parameter%3A+response_type

  At some point I used a combination of these two params in the oauth2/authorize endpoint to prevent it, is this safe to do or may it come with possible drawbacks?

  response_type=code response_mode=form_post

  Thanks!

• Blogs

  Share and discuss community blog posts.

  169
  Topics
  190
  Posts

  D

  Community blog post: https://medium.com/@rsiva_nitric/fusionauth-as-an-alternative-to-auth0-for-robust-authentication-c8e865be86a1

• Frequently Asked Questions (FAQ)

  A read-only knowledge base of questions asked and answered about FusionAuth.

  9
  Topics
  18
  Posts

  W

  Existing Role Limitations in FusionAuth FusionAuth provides predefined Admin UI roles, which are not modifiable. You can review the available roles here:
  FusionAuth Admin UI Roles The default FusionAuth application roles cannot be changed, which means read-only roles are not currently available. Requesting Read-Only Roles as a Feature FusionAuth does not currently support read-only access roles for applications or tenants. The likely reason for this is that users who need to view application/tenant properties often also need to update them. However, you can submit a feature request to suggest adding read-only roles:
  Submit a Feature Request Workaround: Implement a Custom Read-Only View

  If immediate read-only access is required, consider:

  Using the FusionAuth APIs to create a custom dashboard where users can view but not edit data. Relevant APIs for this purpose: Application API Tenant API

  Summary

  No built-in read-only roles exist for applications or tenants. FusionAuth Admin UI roles are not modifiable. You can request read-only roles as a feature via GitHub. A workaround is to build a custom, API-based read-only view.
• Jobs

  Connect with people who can help you with FusionAuth projects.

  13
  Topics
  15
  Posts

  D

  https://www.upwork.com/freelance-jobs/apply/FusionAuth-NextAuth-application_~01c79f95fdbcb94d61/